Exploit kits that aren’t RIG

Believe it or not, there are alternatives to the RIG Exploit Kit. Here’s a rundown of a few of them. Spelevo Spelevo was discovered in Q1 of 2019. Spelevo exploits a flaw in Adobe Flash Player (No way!) in order to drop the GootKit Trojan. The kit utilizes the CVE-2018-15982 vulnerability, which was previously used […]

Ransomware and Crypto Cybercrimes as popular as ever in 2019

According to new report released by McAfee Labs, Ransomware attacks have grown by 118% this year. New families have been detected, and threat actors have been using new, innovative techniques to evade AV and other protection softwares & appliances. The McAfee Labs Advanced Threat Research team were the first to discover a new family of […]

Best Security Practices for a Corporate Employee

So, you’ve heard about all of the recent breaches and don’t want to be the one who causes the next. Hopefully what you learn here today will help you achieve that goal. Applying best security practices isn’t difficult, it just takes a little thought and effort. Passwords Passwords aren’t tricky. The more complex, the less […]

Amazon hacker Paige “Erractic” Thompson indicted

A federal grand jury has decided to charge former Amazon software engineer Paige Thompson with wire fraud & computer fraud and abuse charges in the indictment announced Wednesday. She’s scheduled to be arraigned Sept. 5.  Thompson was arrested last month on charges that she hacked Capital One and 30 other companies. Sometime between March and […]

Imperva, The Lost API Keys, and Loose SSL Certs

Imperva shared information on a security breach August 27th that affects customers using its WAF product. The WAF is cloud based and analyzes suspicious traffic flowing into applications. The breach exposed user’s emails, hashed & salted passwords, and some customers SSL certs and API keys were also affected. Imperva has stated they learned about the […]